Exact syntax and examples for iptables

sunhux G sunhux at gmail.com
Fri Sep 18 10:34:27 UTC 2009


I can't even start it up as the previous admin hardened it
(but not sure how / where he hardened it)

So despite that I do
service iptables start,
"service iptables status" still shows "Firewall is stopped"

Now, can I use /etc/hosts.deny instead?
Do I need to do "pkill -HUP tcpd"   or
"service xinetd restart"   - which of the two
commands should I execute?

Thanks

On Fri, Sep 18, 2009 at 4:59 PM, Ahmed Sharif <ahmed.sharif.bd at gmail.com> wrote:

> To start IPtables use:
> #service iptables start
>
> To stop iptables use:
> #service iptables stop
>
> Now after inserting the rules if you want to revert back, you need to
> delete the rules using -D option of iptables command.
>
> For example the following command will delete rule number 1 from INPUT
> chain.
>
> #iptables -D INPUT 1
>
>
> Regards,
>
> Ahmed Sharif
>
> On Fri, Sep 18, 2009 at 10:44 AM, Aaron Bliss <abliss at brockport.edu>
> wrote:
>
> > You will want to consult this doc, how to setup Iptables on a RedHat box.
> > Rules are written to /etc/sysconfig/iptables.
> >
> > http://kbase.redhat.com/faq/docs/DOC-9017
> >
> > Aaron
> >
> > -----Original Message-----
> > From: redhat-list-bounces at redhat.com [mailto:
> > redhat-list-bounces at redhat.com]
> > On Behalf Of sunhux G
> > Sent: Thursday, September 17, 2009 11:27 PM
> > To: General Red Hat Linux discussion list
> > Subject: Re: Exact syntax and examples for iptables
> >
> > Hi Aaron,
> >
> > iptables is not running as the previous sysadmin hardened the server.
> >
> > How do I turn it on?
> >
> >
> > So I issue the two commands you gave on both cluster nodes & it will
> > stop the Windows server from accessing on both nodes as well as the
> > cluster virtual IP address?
> >
> > What's the command to reverse back, in case there's problem, I'll
> > need to fallback
> >
> >
> > Thanks
> > U
> > On Fri, Sep 18, 2009 at 10:35 AM, Aaron Bliss <abliss at brockport.edu>
> > wrote:
> >
> > > Assuming that you already have iptables running
> > >
> > > /sbin/iptables -I RH-Firewall-1-INPUT -s 10.5.5.25 -j DROP
> > > /sbin/service iptables save
> > >
> > > -----Original Message-----
> > > From: redhat-list-bounces at redhat.com [mailto:
> > > redhat-list-bounces at redhat.com]
> > > On Behalf Of sunhux G
> > > Sent: Thursday, September 17, 2009 10:30 PM
> > > To: General Red Hat Linux discussion list
> > > Subject: Exact syntax and examples for iptables
> > >
> > > Hi,
> > >
> > > I have a RHEL 5.1  cluster that's constantly being accessed by
> > > application from a Windows server application via sqlnet (ie Tcp
> > > port 1521) which caused a specific Oracle accounts to be locked.
> > >
> > > Thus I would like to set up iptables / firewall on this Linux box to
> > > stop the sqlnet access.  Can someone provide me some example
> > > commands / syntax ?
> > >
> > > Source IP address : 10.5.5.25   (Windows server)
> > > Tcp port : 1521
> > > My Linux boxes IP address :  10.5.5.46 / .47
> > > My Linux cluster virtual addr : 10.5.5.45
> > >
> > > In fact I would like to block on all ports on the Linux cluster to stop
> > > this Windows server from accessing it.  So what's the exact commands
> > > I should issue on each of the Linux box?  Would iptables also block
> > > the Windows server from accessing the cluster virtual IP addr?
> > >
> > >
> > > Thanks
> > > U
> > > --
> > > redhat-list mailing list
> > > unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> > > https://www.redhat.com/mailman/listinfo/redhat-list
> > >
>
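
An added example, not part of the original thread: a dry-run helper that prints the block and rollback commands discussed above, choosing the chain from `iptables-save` output because `RH-Firewall-1-INPUT` exists only when the stock RHEL ruleset is loaded. The function names (`pick_chain`, `rule_spec`, `block_cmd`, `unblock_cmd`) and the sample `iptables-save` text are assumptions made for illustration; the addresses and port are the ones given in the thread.

```shell
#!/bin/sh
# Added example: prints commands instead of running them (no root needed).
# The sample `iptables-save` output below is constructed, not from the thread.

# pick_chain: read `iptables-save` output on stdin and print the chain to
# insert into. RH-Firewall-1-INPUT exists only when the stock RHEL ruleset
# is loaded; with the firewall stopped, fall back to the built-in INPUT chain.
pick_chain() {
    if grep -q '^:RH-Firewall-1-INPUT '; then
        echo RH-Firewall-1-INPUT
    else
        echo INPUT
    fi
}

# rule_spec SRC [PORT]: match on source only, or source plus TCP dport.
# No -d is given, so the rule matches every local address, which includes
# a cluster virtual IP hosted on the node.
rule_spec() {
    case "$1" in
        ''|*[!0-9.]*) echo "bad source address: $1" >&2; return 1 ;;
    esac
    if [ -n "$2" ]; then
        echo "-s $1 -p tcp --dport $2 -j DROP"
    else
        echo "-s $1 -j DROP"
    fi
}

# -I puts the rule at the top of the chain; -D with the same spec removes it
# without depending on a rule number that may have shifted since insertion.
block_cmd()   { spec=$(rule_spec "$2" "$3") || return 1; echo "/sbin/iptables -I $1 $spec"; }
unblock_cmd() { spec=$(rule_spec "$2" "$3") || return 1; echo "/sbin/iptables -D $1 $spec"; }

# Constructed samples: stock ruleset loaded vs. firewall stopped (no rules).
SAMPLE_LOADED='*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
COMMIT'
SAMPLE_STOPPED=''

chain=$(printf '%s\n' "$SAMPLE_LOADED" | pick_chain)
block_cmd "$chain" 10.5.5.25 1521
unblock_cmd "$chain" 10.5.5.25 1521
```

On a live node the chain would be picked with `iptables-save | pick_chain`, and the printed commands reviewed before being run on each cluster member.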


